- Font:
- +
- -
Your iTunes player may have it out for you, especially if you've been lazy in updating your software.
-
More from TODAY.com
-
Oklahoma tornado kills 51, including 20 kids
An enormous tornado roared through the Oklahoma City suburbs, killing at least 51 people, including 20 children Monday.
- Ray Manzarek of The Doors dies at 74
- Willie Geist shows off his style evolution in Esquire
- Teen behind viral hit dies weeks after celeb tribute
- Delivery room drama: Has birth become a spectator sport?
-
Oklahoma tornado kills 51, including 20 kids
Security researchers have discovered a flaw in the ubiquitous Apple music player that could enable attackers to take over and run arbitrary code on targeted machines, SC Magazine reported.
The iTunes flaw is "due to a boundary error in the processing of a playlist file," the security firm Zero Science Lab explained, and is exploited when an attacker tricks the victim into opening a rigged M3U file.
M3U is a plain text file format that specifies the location of media files, and is used to store multimedia playlists. The security flaw was discovered in iTunes version 10.6.0.40 and was present in the next version, 10.6.1.7.
On June 11, Apple updated iTunes to version 10.6.3 to address the problem. In the same way unpatched Internet Explorer users are currently at risk, if you haven't patched your iTunes software since the new version was shipped, you could still be vulnerable to the exploit.
- Five Apple Security Myths — and the Hard Truths
- Beware Identity Theft While on Vacation
- 10 Best Mac Anti-Virus Software Products
© 2012 SecurityNewsDaily. All rights reserved
“ ”